WP Mobile Detector Vulnerability

WP Mobile Detector, a WordPress plugin, contains a vulnerability in versions prior to 3.6. Exploitation of this vulnerability could allow an attacker to take control of an affected website.

US-CERT encourages users and administrators to disable the configuration option allow_url_fopen if it is not explicitly needed, review the WP Mobile Detector Changelog for more information, and apply the necessary update.